fixes for 4.4
authorSasha Levin <sashal@kernel.org>
Mon, 2 Mar 2020 03:23:27 +0000 (22:23 -0500)
committerSasha Levin <sashal@kernel.org>
Mon, 2 Mar 2020 03:23:27 +0000 (22:23 -0500)
Signed-off-by: Sasha Levin <sashal@kernel.org>
queue-4.4/arm-ftrace-fix-be-text-poking.patch [new file with mode: 0644]
queue-4.4/cfg80211-add-missing-policy-for-nl80211_attr_status_.patch [new file with mode: 0644]
queue-4.4/cfg80211-check-wiphy-driver-existence-for-drvinfo-re.patch [new file with mode: 0644]
queue-4.4/cifs-fix-mode-output-in-debugging-statements.patch [new file with mode: 0644]
queue-4.4/ipmi-ssif-handle-a-possible-null-pointer-reference.patch [new file with mode: 0644]
queue-4.4/mac80211-consider-more-elements-in-parsing-crc.patch [new file with mode: 0644]
queue-4.4/series

diff --git a/queue-4.4/arm-ftrace-fix-be-text-poking.patch b/queue-4.4/arm-ftrace-fix-be-text-poking.patch
new file mode 100644 (file)
index 0000000..c99aa14
--- /dev/null
@@ -0,0 +1,46 @@
+From 8c9c4da2c156ee1fed4e685d42609b510019e269 Mon Sep 17 00:00:00 2001
+From: Sasha Levin <sashal@kernel.org>
+Date: Fri, 7 Feb 2020 12:57:36 +0100
+Subject: arm/ftrace: Fix BE text poking
+
+From: Peter Zijlstra <peterz@infradead.org>
+
+[ Upstream commit be993e44badc448add6a18d6f12b20615692c4c3 ]
+
+The __patch_text() function already applies __opcode_to_mem_*(), so
+when __opcode_to_mem_*() is not the identity (BE*), it is applied
+twice, wrecking the instruction.
+
+Fixes: 42e51f187f86 ("arm/ftrace: Use __patch_text()")
+Reported-by: Dmitry Osipenko <digetx@gmail.com>
+Signed-off-by: Peter Zijlstra (Intel) <peterz@infradead.org>
+Signed-off-by: Ingo Molnar <mingo@kernel.org>
+Tested-by: Dmitry Osipenko <digetx@gmail.com>
+Signed-off-by: Sasha Levin <sashal@kernel.org>
+---
+ arch/arm/kernel/ftrace.c | 7 ++-----
+ 1 file changed, 2 insertions(+), 5 deletions(-)
+
+diff --git a/arch/arm/kernel/ftrace.c b/arch/arm/kernel/ftrace.c
+index faa9a905826ee..7982409e5c27f 100644
+--- a/arch/arm/kernel/ftrace.c
++++ b/arch/arm/kernel/ftrace.c
+@@ -105,13 +105,10 @@ static int ftrace_modify_code(unsigned long pc, unsigned long old,
+ {
+       unsigned long replaced;
+-      if (IS_ENABLED(CONFIG_THUMB2_KERNEL)) {
++      if (IS_ENABLED(CONFIG_THUMB2_KERNEL))
+               old = __opcode_to_mem_thumb32(old);
+-              new = __opcode_to_mem_thumb32(new);
+-      } else {
++      else
+               old = __opcode_to_mem_arm(old);
+-              new = __opcode_to_mem_arm(new);
+-      }
+       if (validate) {
+               if (probe_kernel_read(&replaced, (void *)pc, MCOUNT_INSN_SIZE))
+-- 
+2.20.1
+
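Review bot: Dropping the `new = __opcode_to_mem_*(new)` conversions in ftrace_modify_code() is only correct if this tree writes the instruction through __patch_text(), which the Fixes tag attributes to 42e51f187f86. The write itself is outside the hunk, so that cannot be confirmed here. If the 4.4 function still stores `new` with a raw write, a big-endian kernel would now get an unconverted opcode patched into kernel text. Before queuing, check that 42e51f187f86 (or a backport of it) is present in 4.4.y, and drop the patch otherwise.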
diff --git a/queue-4.4/cfg80211-add-missing-policy-for-nl80211_attr_status_.patch b/queue-4.4/cfg80211-add-missing-policy-for-nl80211_attr_status_.patch
new file mode 100644 (file)
index 0000000..5eb7001
--- /dev/null
@@ -0,0 +1,36 @@
+From ac0d9266bb7b04c01c9b80f1299aef28fd973d05 Mon Sep 17 00:00:00 2001
+From: Sasha Levin <sashal@kernel.org>
+Date: Thu, 13 Feb 2020 13:16:16 +0000
+Subject: cfg80211: add missing policy for NL80211_ATTR_STATUS_CODE
+
+From: Sergey Matyukevich <sergey.matyukevich.os@quantenna.com>
+
+[ Upstream commit ea75080110a4c1fa011b0a73cb8f42227143ee3e ]
+
+The nl80211_policy is missing for NL80211_ATTR_STATUS_CODE attribute.
+As a result, for strictly validated commands, it's assumed to not be
+supported.
+
+Signed-off-by: Sergey Matyukevich <sergey.matyukevich.os@quantenna.com>
+Link: https://lore.kernel.org/r/20200213131608.10541-2-sergey.matyukevich.os@quantenna.com
+Signed-off-by: Johannes Berg <johannes.berg@intel.com>
+Signed-off-by: Sasha Levin <sashal@kernel.org>
+---
+ net/wireless/nl80211.c | 1 +
+ 1 file changed, 1 insertion(+)
+
+diff --git a/net/wireless/nl80211.c b/net/wireless/nl80211.c
+index fd0bf278067ef..4b30e91106d07 100644
+--- a/net/wireless/nl80211.c
++++ b/net/wireless/nl80211.c
+@@ -330,6 +330,7 @@ static const struct nla_policy nl80211_policy[NUM_NL80211_ATTR] = {
+       [NL80211_ATTR_CONTROL_PORT_ETHERTYPE] = { .type = NLA_U16 },
+       [NL80211_ATTR_CONTROL_PORT_NO_ENCRYPT] = { .type = NLA_FLAG },
+       [NL80211_ATTR_PRIVACY] = { .type = NLA_FLAG },
++      [NL80211_ATTR_STATUS_CODE] = { .type = NLA_U16 },
+       [NL80211_ATTR_CIPHER_SUITE_GROUP] = { .type = NLA_U32 },
+       [NL80211_ATTR_WPA_VERSIONS] = { .type = NLA_U32 },
+       [NL80211_ATTR_PID] = { .type = NLA_U32 },
+-- 
+2.20.1
+
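Review bot: The description justifies the new `[NL80211_ATTR_STATUS_CODE]` entry by strict validation, which probably does not exist in a 4.4 tree, so the reason for this backport is not recorded. What the `NLA_U16` entry should still provide here is a length check: an attribute whose payload is shorter than two bytes is rejected at parse time, before any handler reads it as a u16. Suggest a backport note in the description along the lines of `[4.4: no strict validation; the entry enforces the minimum attribute length]`, after confirming this against the 4.4 netlink parser.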
diff --git a/queue-4.4/cfg80211-check-wiphy-driver-existence-for-drvinfo-re.patch b/queue-4.4/cfg80211-check-wiphy-driver-existence-for-drvinfo-re.patch
new file mode 100644 (file)
index 0000000..ec87800
--- /dev/null
@@ -0,0 +1,44 @@
+From 6bcad942d0427d28f24b7922a6b68adc3395ca77 Mon Sep 17 00:00:00 2001
+From: Sasha Levin <sashal@kernel.org>
+Date: Mon, 3 Feb 2020 10:56:50 +0000
+Subject: cfg80211: check wiphy driver existence for drvinfo report
+
+From: Sergey Matyukevich <sergey.matyukevich.os@quantenna.com>
+
+[ Upstream commit bfb7bac3a8f47100ebe7961bd14e924c96e21ca7 ]
+
+When preparing ethtool drvinfo, check if wiphy driver is defined
+before dereferencing it. Driver may not exist, e.g. if wiphy is
+attached to a virtual platform device.
+
+Signed-off-by: Sergey Matyukevich <sergey.matyukevich.os@quantenna.com>
+Link: https://lore.kernel.org/r/20200203105644.28875-1-sergey.matyukevich.os@quantenna.com
+Signed-off-by: Johannes Berg <johannes.berg@intel.com>
+Signed-off-by: Sasha Levin <sashal@kernel.org>
+---
+ net/wireless/ethtool.c | 8 ++++++--
+ 1 file changed, 6 insertions(+), 2 deletions(-)
+
+diff --git a/net/wireless/ethtool.c b/net/wireless/ethtool.c
+index e9e91298c70de..3cedf2c2b60bd 100644
+--- a/net/wireless/ethtool.c
++++ b/net/wireless/ethtool.c
+@@ -6,9 +6,13 @@
+ void cfg80211_get_drvinfo(struct net_device *dev, struct ethtool_drvinfo *info)
+ {
+       struct wireless_dev *wdev = dev->ieee80211_ptr;
++      struct device *pdev = wiphy_dev(wdev->wiphy);
+-      strlcpy(info->driver, wiphy_dev(wdev->wiphy)->driver->name,
+-              sizeof(info->driver));
++      if (pdev->driver)
++              strlcpy(info->driver, pdev->driver->name,
++                      sizeof(info->driver));
++      else
++              strlcpy(info->driver, "N/A", sizeof(info->driver));
+       strlcpy(info->version, init_utsname()->release, sizeof(info->version));
+-- 
+2.20.1
+
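Review bot: `pdev->driver` is tested but `pdev` itself is not, so the new code in cfg80211_get_drvinfo() still dereferences whatever wiphy_dev() returns. If a wiphy can be registered without a parent device, which the description's mention of virtual devices makes plausible, that is a NULL dereference reachable from an ethtool drvinfo request; `if (pdev && pdev->driver)` would cover it. The rest of the function is outside the hunk, so any later wiphy_dev() use there needs the same check.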
diff --git a/queue-4.4/cifs-fix-mode-output-in-debugging-statements.patch b/queue-4.4/cifs-fix-mode-output-in-debugging-statements.patch
new file mode 100644 (file)
index 0000000..fd2bc49
--- /dev/null
@@ -0,0 +1,72 @@
+From 3fefd7d804a5327b8b0299ae0df15aea472e5104 Mon Sep 17 00:00:00 2001
+From: Sasha Levin <sashal@kernel.org>
+Date: Wed, 12 Feb 2020 15:31:48 -0600
+Subject: cifs: Fix mode output in debugging statements
+
+From: Frank Sorenson <sorenson@redhat.com>
+
+[ Upstream commit f52aa79df43c4509146140de0241bc21a4a3b4c7 ]
+
+A number of the debug statements output file or directory mode
+in hex.  Change these to print using octal.
+
+Signed-off-by: Frank Sorenson <sorenson@redhat.com>
+Signed-off-by: Steve French <stfrench@microsoft.com>
+Signed-off-by: Sasha Levin <sashal@kernel.org>
+---
+ fs/cifs/cifsacl.c | 4 ++--
+ fs/cifs/connect.c | 2 +-
+ fs/cifs/inode.c   | 2 +-
+ 3 files changed, 4 insertions(+), 4 deletions(-)
+
+diff --git a/fs/cifs/cifsacl.c b/fs/cifs/cifsacl.c
+index 3f93125916bf0..f5b87a8f75c47 100644
+--- a/fs/cifs/cifsacl.c
++++ b/fs/cifs/cifsacl.c
+@@ -480,7 +480,7 @@ static void access_flags_to_mode(__le32 ace_flags, int type, umode_t *pmode,
+                       ((flags & FILE_EXEC_RIGHTS) == FILE_EXEC_RIGHTS))
+               *pmode |= (S_IXUGO & (*pbits_to_set));
+-      cifs_dbg(NOISY, "access flags 0x%x mode now 0x%x\n", flags, *pmode);
++      cifs_dbg(NOISY, "access flags 0x%x mode now %04o\n", flags, *pmode);
+       return;
+ }
+@@ -509,7 +509,7 @@ static void mode_to_access_flags(umode_t mode, umode_t bits_to_use,
+       if (mode & S_IXUGO)
+               *pace_flags |= SET_FILE_EXEC_RIGHTS;
+-      cifs_dbg(NOISY, "mode: 0x%x, access flags now 0x%x\n",
++      cifs_dbg(NOISY, "mode: %04o, access flags now 0x%x\n",
+                mode, *pace_flags);
+       return;
+ }
+diff --git a/fs/cifs/connect.c b/fs/cifs/connect.c
+index 4bde8acca455c..cf104bbe30a14 100644
+--- a/fs/cifs/connect.c
++++ b/fs/cifs/connect.c
+@@ -3402,7 +3402,7 @@ void cifs_setup_cifs_sb(struct smb_vol *pvolume_info,
+       cifs_sb->mnt_gid = pvolume_info->linux_gid;
+       cifs_sb->mnt_file_mode = pvolume_info->file_mode;
+       cifs_sb->mnt_dir_mode = pvolume_info->dir_mode;
+-      cifs_dbg(FYI, "file mode: 0x%hx  dir mode: 0x%hx\n",
++      cifs_dbg(FYI, "file mode: %04ho  dir mode: %04ho\n",
+                cifs_sb->mnt_file_mode, cifs_sb->mnt_dir_mode);
+       cifs_sb->actimeo = pvolume_info->actimeo;
+diff --git a/fs/cifs/inode.c b/fs/cifs/inode.c
+index 0a219545940d9..8827de2ba7bef 100644
+--- a/fs/cifs/inode.c
++++ b/fs/cifs/inode.c
+@@ -1540,7 +1540,7 @@ int cifs_mkdir(struct inode *inode, struct dentry *direntry, umode_t mode)
+       struct TCP_Server_Info *server;
+       char *full_path;
+-      cifs_dbg(FYI, "In cifs_mkdir, mode = 0x%hx inode = 0x%p\n",
++      cifs_dbg(FYI, "In cifs_mkdir, mode = %04ho inode = 0x%p\n",
+                mode, inode);
+       cifs_sb = CIFS_SB(inode->i_sb);
+-- 
+2.20.1
+
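Review bot: The reworded message in cifs_mkdir() keeps `inode = 0x%p`, which on a 4.4 kernel is likely printed as a raw kernel address, since hashing of `%p` output arrived in later releases. The line is only emitted at the FYI debug level, but debug logs are routinely collected and shared. Since the format string is being touched anyway, consider printing the inode number instead, e.g. `"In cifs_mkdir, mode = %04ho inode = %lu\n"` with `inode->i_ino`. That diverges from the upstream commit, so it may be better carried as a separate change.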
diff --git a/queue-4.4/ipmi-ssif-handle-a-possible-null-pointer-reference.patch b/queue-4.4/ipmi-ssif-handle-a-possible-null-pointer-reference.patch
new file mode 100644 (file)
index 0000000..761640e
--- /dev/null
@@ -0,0 +1,45 @@
+From 39530e5b91d468239893423ba6d97b279dab27a8 Mon Sep 17 00:00:00 2001
+From: Sasha Levin <sashal@kernel.org>
+Date: Mon, 23 Dec 2019 10:42:19 -0600
+Subject: ipmi:ssif: Handle a possible NULL pointer reference
+
+From: Corey Minyard <cminyard@mvista.com>
+
+[ Upstream commit 6b8526d3abc02c08a2f888e8c20b7ac9e5776dfe ]
+
+In error cases a NULL can be passed to memcpy.  The length will always
+be zero, so it doesn't really matter, but go ahead and check for NULL,
+anyway, to be more precise and avoid static analysis errors.
+
+Reported-by: kbuild test robot <lkp@intel.com>
+Signed-off-by: Corey Minyard <cminyard@mvista.com>
+Signed-off-by: Sasha Levin <sashal@kernel.org>
+---
+ drivers/char/ipmi/ipmi_ssif.c | 10 +++++++---
+ 1 file changed, 7 insertions(+), 3 deletions(-)
+
+diff --git a/drivers/char/ipmi/ipmi_ssif.c b/drivers/char/ipmi/ipmi_ssif.c
+index 67d23ed2d1a06..29082d99264e8 100644
+--- a/drivers/char/ipmi/ipmi_ssif.c
++++ b/drivers/char/ipmi/ipmi_ssif.c
+@@ -742,10 +742,14 @@ static void msg_done_handler(struct ssif_info *ssif_info, int result,
+       flags = ipmi_ssif_lock_cond(ssif_info, &oflags);
+       msg = ssif_info->curr_msg;
+       if (msg) {
++              if (data) {
++                      if (len > IPMI_MAX_MSG_LENGTH)
++                              len = IPMI_MAX_MSG_LENGTH;
++                      memcpy(msg->rsp, data, len);
++              } else {
++                      len = 0;
++              }
+               msg->rsp_size = len;
+-              if (msg->rsp_size > IPMI_MAX_MSG_LENGTH)
+-                      msg->rsp_size = IPMI_MAX_MSG_LENGTH;
+-              memcpy(msg->rsp, data, msg->rsp_size);
+               ssif_info->curr_msg = NULL;
+       }
+-- 
+2.20.1
+
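Review bot: The NULL check and the clamp to `IPMI_MAX_MSG_LENGTH` are applied only inside `if (msg)`, so when `ssif_info->curr_msg` is NULL, `data` and `len` leave this block unchanged. msg_done_handler() continues past the hunk; if that code reads `data` based on `len`, it should not rely on this block having normalised them. A short comment above the new branch would record the intent: `/* data may be NULL on error paths; len is then forced to 0 */`.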
diff --git a/queue-4.4/mac80211-consider-more-elements-in-parsing-crc.patch b/queue-4.4/mac80211-consider-more-elements-in-parsing-crc.patch
new file mode 100644 (file)
index 0000000..43e2263
--- /dev/null
@@ -0,0 +1,68 @@
+From f98322101518dc96d7d05e7bda16f10e2ea77863 Mon Sep 17 00:00:00 2001
+From: Sasha Levin <sashal@kernel.org>
+Date: Fri, 31 Jan 2020 13:12:58 +0200
+Subject: mac80211: consider more elements in parsing CRC
+
+From: Johannes Berg <johannes.berg@intel.com>
+
+[ Upstream commit a04564c99bb4a92f805a58e56b2d22cc4978f152 ]
+
+We only use the parsing CRC for checking if a beacon changed,
+and elements with an ID > 63 cannot be represented in the
+filter. Thus, like we did before with WMM and Cisco vendor
+elements, just statically add these forgotten items to the
+CRC:
+ - WLAN_EID_VHT_OPERATION
+ - WLAN_EID_OPMODE_NOTIF
+
+I guess that in most cases when VHT/HE operation change, the HT
+operation also changed, and so the change was picked up, but we
+did notice that pure operating mode notification changes were
+ignored.
+
+Signed-off-by: Johannes Berg <johannes.berg@intel.com>
+Signed-off-by: Luca Coelho <luciano.coelho@intel.com>
+Link: https://lore.kernel.org/r/20200131111300.891737-22-luca@coelho.fi
+[restrict to VHT for the mac80211 branch]
+Signed-off-by: Johannes Berg <johannes.berg@intel.com>
+Signed-off-by: Sasha Levin <sashal@kernel.org>
+---
+ net/mac80211/util.c | 18 ++++++++++++------
+ 1 file changed, 12 insertions(+), 6 deletions(-)
+
+diff --git a/net/mac80211/util.c b/net/mac80211/util.c
+index 2214c77d41721..4301a92fc160f 100644
+--- a/net/mac80211/util.c
++++ b/net/mac80211/util.c
+@@ -939,16 +939,22 @@ u32 ieee802_11_parse_elems_crc(const u8 *start, size_t len, bool action,
+                               elem_parse_failed = true;
+                       break;
+               case WLAN_EID_VHT_OPERATION:
+-                      if (elen >= sizeof(struct ieee80211_vht_operation))
++                      if (elen >= sizeof(struct ieee80211_vht_operation)) {
+                               elems->vht_operation = (void *)pos;
+-                      else
+-                              elem_parse_failed = true;
++                              if (calc_crc)
++                                      crc = crc32_be(crc, pos - 2, elen + 2);
++                              break;
++                      }
++                      elem_parse_failed = true;
+                       break;
+               case WLAN_EID_OPMODE_NOTIF:
+-                      if (elen > 0)
++                      if (elen > 0) {
+                               elems->opmode_notif = pos;
+-                      else
+-                              elem_parse_failed = true;
++                              if (calc_crc)
++                                      crc = crc32_be(crc, pos - 2, elen + 2);
++                              break;
++                      }
++                      elem_parse_failed = true;
+                       break;
+               case WLAN_EID_MESH_ID:
+                       elems->mesh_id = pos;
+-- 
+2.20.1
+
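Review bot: The two added `crc32_be(crc, pos - 2, elen + 2)` calls in ieee802_11_parse_elems_crc() have no comment explaining the `- 2`/`+ 2` or why these elements bypass the filter. Suggest `/* IDs above 63 cannot be in the filter; always CRC the whole element, header included */` above the first call. The `pos - 2` read is in bounds only if `pos` points just past the element's ID and length bytes, which is set up outside the hunk and should be confirmed there.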
index 96da4ba73f79b257c5669839129f4302c4ceb0af..ebb0929581feba3ae58b3302d48b513416ce4c5d 100644 (file)
@@ -2,3 +2,9 @@ iwlwifi-pcie-fix-rb_allocator-workqueue-allocation.patch
 ext4-fix-potential-race-between-online-resizing-and-.patch
 ext4-fix-potential-race-between-s_flex_groups-online.patch
 ext4-fix-potential-race-between-s_group_info-online-.patch
+ipmi-ssif-handle-a-possible-null-pointer-reference.patch
+mac80211-consider-more-elements-in-parsing-crc.patch
+cfg80211-check-wiphy-driver-existence-for-drvinfo-re.patch
+arm-ftrace-fix-be-text-poking.patch
+cifs-fix-mode-output-in-debugging-statements.patch
+cfg80211-add-missing-policy-for-nl80211_attr_status_.patch